Redefinitions

Detailed Interface

Redefinable Options

Warn if the DH key length is smaller than the certificate key length. This is
potentially unsafe because it gives a wrong impression of safety due to the
certificate key length. However, it is very common and cannot be avoided in some
settings (e.g. with old jave clients).

The category of hosts you would like to be notified about which are using weak
keys/ciphers/protocol_versions. By default, these notices will be suppressed
by the notice framework for 1 day after a particular host has had a notice
generated. Choices are: LOCAL_HOSTS, REMOTE_HOSTS, ALL_HOSTS, NO_HOSTS